Thursday, July 18, 2013
There are real threats to our email and critical and sensitive business data. Although we need to take special measures to protect it we frequently fail to do so. Whether at rest or in transit our data is vulnerable, and a primary security measure is email encryption. Here we will look at some of these important issues.
It is a little wearisome to repeat the fact that around 300 billion email messages a day hop around the internet. And yes, around three quarters of them are spam which means the around 75 billion of them are legitimate.
Just a tiny fraction of these are encrypted. The remainder can be read by anybody who comes across them; or seeks them out as they fly from sender to recipient. It is analogous to sending a postcard with a message on it; the postman and many other people can read it.
Nowadays in many organisations when any employee is ‘let go’ he or she is escorted out of the building by security and only allowed to return to their desk if so accompanied. One of the main reasons is to prevent them from emailing confidential documents and company secrets.
Most of the data in your company is vulnerable to many threats. These include espionage, spyware vandalism from disgruntled employees, or simply mistakes and incompetence.
In fact three quarters of your companies IP is usually in an electronic format, for instance emails, document files, spreadsheets, PowerPoint presentations and so forth. Rarely is any form of encryption used to protect it either when it is at rest or when it is being sent by email.
Unplanned public disclosure of sensitive information, for instance credit card details, can be disastrous for an organisation and can have, and frequently has had, many long term consequences that go far beyond legal penalties.
When everything was in printed format sensitive files were carefully guarded and special permissions were needed to access them. Now that so much of information is in electronic format it seems that everybody has taken their eye off the ball; they have let their guard drop. With so much at stake it is very surprising that the general attitude do these risks is so cavalier.
These concerns aren’t simply theoretical. Over recent years there has been a succession of public scandals over data loss and the associated costs are estimated at many billions of pounds a year.
If these problems and threats could be circumvented by data encryption, it begs the question as to why isn’t everybody using it?
It appears that the reason is the general perception that encryption is complicated and that it’s not worth the effort unless you are a spy. Of course that is a misconception. The concepts that underpin encryption are indeed complex and not easily understood by most people, but you don’t need to know the intricacies of a modern internal combustion engine in order to drive a car. Creating encrypted email is (for most people surprisingly) simple.
For more information on email encryption and how to keep your sensitive data safe from prying eyes, please visit Mimecast.com.